This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/MqZHWBmMNelEjKHD9rL777ZFFPQ.roa File: MqZHWBmMNelEjKHD9rL777ZFFPQ.roa (raw, json) Hash identifier: JT8l5waJdgBD+v5IZbCIxziinVIIlhSs3+boP+bJ1mw= Subject key identifier: 32:A6:47:58:19:8C:35:E9:44:8C:A1:C3:F6:B2:FB:EF:B6:45:14:F4 Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a Certificate serial: 019B7A5B2E9F316E2524769E934E8486977D Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/MqZHWBmMNelEjKHD9rL777ZFFPQ.roa Signing time: Thu 01 Jan 2026 16:19:14 +0000 ROA not before: Thu 01 Jan 2026 16:19:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 4787 IP address blocks: 148.253.254.0/24 maxlen: 24 148.253.255.0/24 maxlen: 24 163.171.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:2e:9f:31:6e:25:24:76:9e:93:4e:84:86:97:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a Validity Not Before: Jan 1 16:19:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=32a64758198c35e9448ca1c3f6b2fbefb64514f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:8a:e5:fe:fc:3f:39:86:0a:d7:76:42:91:e0: d1:a8:31:65:6d:6e:23:53:92:db:61:5e:5f:53:0e: 89:02:26:cb:84:15:e5:e2:65:ef:1a:c2:b8:d3:11: 27:95:38:24:56:c4:c6:af:76:d3:19:3a:de:f2:c6: 8d:cd:30:12:f5:8e:4b:41:9e:62:13:7f:56:e4:d3: d4:a9:72:93:a6:c2:63:77:cb:c9:18:a2:7d:7d:ff: 83:75:1a:eb:63:ac:a4:95:97:95:4c:42:62:b8:4c: 2e:dd:27:c0:66:c3:29:6b:0f:62:50:ad:6f:70:8c: b7:e6:19:c7:ae:d7:fd:1b:d9:50:57:38:8c:aa:48: 42:5c:46:86:55:69:67:65:26:a0:0b:07:c9:43:ec: c3:f5:36:af:1b:9b:f5:90:9d:62:74:15:bb:bb:d3: 8e:c7:ce:e8:fc:ce:83:ae:22:c1:c4:d9:dc:55:f6: 68:76:6c:4c:e0:1f:bc:3b:8a:6e:94:6c:18:b2:04: 08:b4:f8:a8:d2:6d:f7:51:f2:04:52:19:a0:26:33: 73:86:14:ea:34:4d:09:3c:56:b6:2c:ee:0b:96:c5: 0c:3b:ee:ad:9d:12:10:2e:15:11:89:e8:f0:83:50: 46:31:40:d1:2d:53:3e:fa:62:51:c1:a1:2c:11:df: aa:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:A6:47:58:19:8C:35:E9:44:8C:A1:C3:F6:B2:FB:EF:B6:45:14:F4 X509v3 Authority Key Identifier: keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/MqZHWBmMNelEjKHD9rL777ZFFPQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 148.253.254.0/23 163.171.67.0/24 Signature Algorithm: sha256WithRSAEncryption 0c:13:08:25:4e:09:ca:d6:4d:37:f8:87:90:1d:cd:6a:7c:9a: c9:e5:92:01:54:28:f5:6b:53:de:cd:eb:56:88:dc:4f:db:8c: b5:f9:39:d7:35:ea:b5:1f:36:b8:9a:bc:e0:bc:37:32:0d:40: ce:a3:19:47:16:fa:9e:1b:57:fc:86:be:c8:03:85:10:74:af: 36:57:a4:25:78:f1:99:7c:ab:df:bb:7a:d4:0f:9d:1a:0c:92: bc:5c:dc:40:f0:7a:05:11:17:9e:2f:40:27:aa:ec:50:ed:8d: e3:e1:17:17:29:ec:6f:89:ef:25:d9:85:75:7e:04:86:3e:50: 61:f1:64:de:f7:1b:33:74:3e:17:04:f3:f7:64:e5:f4:fc:08: 7a:76:b6:de:66:1e:ab:08:e4:30:4e:c8:b3:ce:ad:33:2e:e8: 47:c0:7a:7c:c2:cd:98:75:10:ac:d8:dc:b7:cb:93:a3:2c:cc: 1f:16:68:50:4f:16:a3:4f:21:b7:ab:6f:3a:3e:8f:37:46:8c: 34:13:98:b9:2e:43:47:79:f7:5b:a8:bd:90:00:b5:be:71:ae: d1:38:bc:a1:77:6d:e5:63:8d:c3:5a:77:8c:ef:fc:81:eb:a9: fc:24:5f:c1:8a:2a:2d:11:ed:1a:ec:39:80:d9:7e:d9:4b:73: 0b:df:4d:ca -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6Wy6fMW4lJHaek06Ehpd9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5 ZDcwNmEwHhcNMjYwMTAxMTYxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMmE2NDc1ODE5OGMzNWU5NDQ4Y2ExYzNmNmIyZmJlZmI2NDUxNGY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4rl/vw/OYYK13ZCkeDRqDFlbW4j U5LbYV5fUw6JAibLhBXl4mXvGsK40xEnlTgkVsTGr3bTGTre8saNzTAS9Y5LQZ5i E39W5NPUqXKTpsJjd8vJGKJ9ff+DdRrrY6yklZeVTEJiuEwu3SfAZsMpaw9iUK1v cIy35hnHrtf9G9lQVziMqkhCXEaGVWlnZSagCwfJQ+zD9TavG5v1kJ1idBW7u9OO x87o/M6DriLBxNncVfZodmxM4B+8O4pulGwYsgQItPio0m33UfIEUhmgJjNzhhTq NE0JPFa2LO4LlsUMO+6tnRIQLhURiejwg1BGMUDRLVM++mJRwaEsEd+q2wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDKmR1gZjDXpRIyhw/ay+++2RRT0MB8GA1UdIwQY MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt YjVkODg4YWRmZDM3LzEvTXFaSFdCbU1OZWxFaktIRDlyTDc3N1pGRlBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3 LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBlP3+AwQA o6tDMA0GCSqGSIb3DQEBCwUAA4IBAQAMEwglTgnK1k03+IeQHc1qfJrJ5ZIBVCj1 a1PezetWiNxP24y1+TnXNeq1Hza4mrzgvDcyDUDOoxlHFvqeG1f8hr7IA4UQdK82 V6QlePGZfKvfu3rUD50aDJK8XNxA8HoFEReeL0AnquxQ7Y3j4RcXKexvie8l2YV1 fgSGPlBh8WTe9xszdD4XBPP3ZOX0/Ah6drbeZh6rCOQwTsizzq0zLuhHwHp8ws2Y dRCs2Ny3y5OjLMwfFmhQTxajTyG3q286Po83Row0E5i5LkNHefdbqL2QALW+ca7R OLyhd23lY43DWneM7/yB66n8JF/BiiotEe0a7DmA2X7ZS3ML303K -----END CERTIFICATE-----Generated at Mon Jan 26 22:36:42 2026 by rpki-client